IETF Logo Mail Archive

Re: [OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt

Anthony Nadalin <tonynad@microsoft.com> Tue, 30 July 2013 07:59 UTC

Return-Path: <tonynad@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 672A011E80F4 for <oauth@ietfa.amsl.com>; Tue, 30 Jul 2013 00:59:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.466
X-Spam-Level:
X-Spam-Status: No, score=-3.466 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FwB-FvNMTave for <oauth@ietfa.amsl.com>; Tue, 30 Jul 2013 00:59:41 -0700 (PDT)
Received: from co9outboundpool.messaging.microsoft.com (co9ehsobe005.messaging.microsoft.com [207.46.163.28]) by ietfa.amsl.com (Postfix) with ESMTP id ACA8D21F9EC4 for <oauth@ietf.org>; Tue, 30 Jul 2013 00:59:40 -0700 (PDT)
Received: from mail113-co9-R.bigfish.com (10.236.132.233) by CO9EHSOBE029.bigfish.com (10.236.130.92) with Microsoft SMTP Server id 14.1.225.22; Tue, 30 Jul 2013 07:59:40 +0000
Received: from mail113-co9 (localhost [127.0.0.1]) by mail113-co9-R.bigfish.com (Postfix) with ESMTP id 058CA680163 for <oauth@ietf.org>; Tue, 30 Jul 2013 07:59:40 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC103.redmond.corp.microsoft.com; RD:autodiscover.service.exchange.microsoft.com; EFVD:NLI
X-SpamScore: -17
X-BigFish: VS-17(zf7Iz9371I936eIc85fh1b0bIdb82hzz1f42h208ch1ee6h1de0h1fdah2073h1202h1e76h1d1ah1d2ah1fc6h1082kzz16d858h1d7338h1de098h1033IL17326ah18c673h1de096h1954cbh18602eh8275bh8275dh1de097hz2fh2a8h683h839hd24hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h1b0ah1bceh1d07h1d0ch1d2eh1d3fh1de9h1dfeh1dffh1e1dh17ej9a9j1155h)
Received-SPF: pass (mail113-co9: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=tonynad@microsoft.com; helo=TK5EX14HUBC103.redmond.corp.microsoft.com ; icrosoft.com ;
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT002.namprd03.prod.outlook.com; R:internal; EFV:INT
Received: from mail113-co9 (localhost.localdomain [127.0.0.1]) by mail113-co9 (MessageSwitch) id 1375171176725258_28062; Tue, 30 Jul 2013 07:59:36 +0000 (UTC)
Received: from CO9EHSMHS015.bigfish.com (unknown [10.236.132.239]) by mail113-co9.bigfish.com (Postfix) with ESMTP id A2487280049 for <oauth@ietf.org>; Tue, 30 Jul 2013 07:59:36 +0000 (UTC)
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.8) by CO9EHSMHS015.bigfish.com (10.236.130.25) with Microsoft SMTP Server (TLS) id 14.16.227.3; Tue, 30 Jul 2013 07:59:36 +0000
Received: from db9outboundpool.messaging.microsoft.com (157.54.51.80) by mail.microsoft.com (157.54.86.9) with Microsoft SMTP Server (TLS) id 14.3.136.1; Tue, 30 Jul 2013 07:58:27 +0000
Received: from mail82-db9-R.bigfish.com (10.174.16.238) by DB9EHSOBE028.bigfish.com (10.174.14.91) with Microsoft SMTP Server id 14.1.225.22; Tue, 30 Jul 2013 07:58:25 +0000
Received: from mail82-db9 (localhost [127.0.0.1]) by mail82-db9-R.bigfish.com (Postfix) with ESMTP id C43FA4E00D0 for <oauth@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Tue, 30 Jul 2013 07:58:25 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(377454003)(69234005)(189002)(199002)(2473001)(377424004)(19580395003)(83322001)(19580405001)(15202345003)(47736001)(76482001)(74876001)(83072001)(561944002)(74366001)(69226001)(80976001)(74316001)(81542001)(19580385001)(50986001)(56776001)(33646001)(47976001)(76576001)(4396001)(16406001)(54356001)(63696002)(19300405004)(79102001)(54316002)(49866001)(74706001)(74502001)(16236675002)(31966008)(80022001)(46102001)(77982001)(59766001)(51856001)(16601075003)(74662001)(65816001)(76796001)(47446002)(14971765001)(81342001)(77096001)(53806001)(56816003)(76786001)(42262001)(24736002)(3826001); DIR:OUT; SFP:; SCL:1; SRVR:BY2PR03MB189; H:BY2PR03MB189.namprd03.prod.outlook.com; CLIP:2001:df8:0:16:3038:679b:8deb:6a4d; RD:InfoNoRecords; MX:1; A:1; LANG:en;
Received: from mail82-db9 (localhost.localdomain [127.0.0.1]) by mail82-db9 (MessageSwitch) id 1375171103522264_20876; Tue, 30 Jul 2013 07:58:23 +0000 (UTC)
Received: from DB9EHSMHS026.bigfish.com (unknown [10.174.16.229]) by mail82-db9.bigfish.com (Postfix) with ESMTP id 7AD313001AE; Tue, 30 Jul 2013 07:58:23 +0000 (UTC)
Received: from BL2PRD0310HT002.namprd03.prod.outlook.com (157.56.240.21) by DB9EHSMHS026.bigfish.com (10.174.14.36) with Microsoft SMTP Server (TLS) id 14.16.227.3; Tue, 30 Jul 2013 07:58:23 +0000
Received: from BY2PR03MB189.namprd03.prod.outlook.com (10.242.36.140) by BL2PRD0310HT002.namprd03.prod.outlook.com (10.255.97.37) with Microsoft SMTP Server (TLS) id 14.16.341.1; Tue, 30 Jul 2013 07:58:21 +0000
Received: from BY2PR03MB189.namprd03.prod.outlook.com (10.242.36.140) by BY2PR03MB189.namprd03.prod.outlook.com (10.242.36.140) with Microsoft SMTP Server (TLS) id 15.0.731.16; Tue, 30 Jul 2013 07:58:19 +0000
Received: from BY2PR03MB189.namprd03.prod.outlook.com ([169.254.6.234]) by BY2PR03MB189.namprd03.prod.outlook.com ([169.254.6.234]) with mapi id 15.00.0731.000; Tue, 30 Jul 2013 07:58:19 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Phil Hunt <phil.hunt@oracle.com>, "oauth@ietf.org WG" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt
Thread-Index: AQHOjDPfwiaLUiaTyEmZrnEI2jXH7Jl83EpA
Date: Tue, 30 Jul 2013 07:58:18 +0000
Message-ID: <0d960c59312649128c5403a45e5f7738@BY2PR03MB189.namprd03.prod.outlook.com>
References: <20130729074941.28839.7732.idtracker@ietfa.amsl.com> <E4ED649B-D9FE-4B38-B8B2-82A7FF600C07@oracle.com>
In-Reply-To: <E4ED649B-D9FE-4B38-B8B2-82A7FF600C07@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:df8:0:16:3038:679b:8deb:6a4d]
x-forefront-prvs: 0923977CCA
Content-Type: multipart/alternative; boundary="_000_0d960c59312649128c5403a45e5f7738BY2PR03MB189namprd03pro_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BY2PR03MB189.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%ORACLE.COM$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC103.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC103.redmond.corp.microsoft.com
X-OriginatorOrg: microsoft.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 07:59:46 -0000

So is the intent to provide an enterprise authentication claim? I would think that the proposal would use JWT as the token and then define the appropriate claim in the JWT

From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Phil Hunt
Sent: Monday, July 29, 2013 1:14 AM
To: oauth@ietf.org WG
Subject: [OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt

FYI.  I have been noticing a substantial number of sites acting as OAuth Clients using OAuth to authenticate users.

I know several of us have blogged on the issue over the past year so I won't re-hash it here.  In short, many of us recommended OIDC as the correct methodology.

Never-the-less, I've spoken with a number of service providers who indicate they are not ready to make the jump to OIDC, yet they agree there is a desire to support authentication only (where as OIDC does IDP-like services).

This draft is intended as a minimum authentication only specification.  I've tried to make it as compatible as possible with OIDC.

For now, I've just posted to keep track of the issue so we can address at the next re-chartering.

Happy to answer questions and discuss.

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




Begin forwarded message:


From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>
Subject: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt
Date: 29 July, 2013 9:49:41 AM GMT+02:00
To: Phil Hunt <phil.hunt@yahoo.com<mailto:phil.hunt@yahoo.com>>, Phil Hunt <None@ietfa.amsl.com<mailto:None@ietfa.amsl.com>>, Phil Hunt <>


A new version of I-D, draft-hunt-oauth-v2-user-a4c-00.txt
has been successfully submitted by Phil Hunt and posted to the
IETF repository.

Filename:         draft-hunt-oauth-v2-user-a4c
Revision:         00
Title:                OAuth 2.0 User Authentication For Client
Creation date: 2013-07-29
Group:             Individual Submission
Number of pages: 9
URL:             http://www.ietf.org/internet-drafts/draft-hunt-oauth-v2-user-a4c-00.txt
Status:          http://datatracker.ietf.org/doc/draft-hunt-oauth-v2-user-a4c
Htmlized:        http://tools.ietf.org/html/draft-hunt-oauth-v2-user-a4c-00


Abstract:
  This specification defines a new OAuth2 endpoint that enables user
  authentication session information to be shared with client
  applications.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.

The IETF Secretariat

v2.23.0 | Report a Bug | By Email